Coda File System

Re: Coda authentification & LDAP

From: <u+codalist-p4pg_at_chalmers.se>
Date: Fri, 9 Mar 2007 18:32:23 +0100
Hi Stephane,

On Fri, Mar 09, 2007 at 04:33:05PM +0100, S. Cance wrote:
> Thanks to your explanations, I can only think of one way to use LDAP and 
> Coda and it would be to export LDAP users/passwords into coda database 
> (via pdbtool) (the passwords would be hashed). Then before negociating 

pdbtool does not do anything with passwords, they are kept in a separate
file and handled separately.

Note that password hashes in LDAP are presumably widely accessible.
If you put them into Coda password database, you open all Coda accounts
to anyone who can read your hashes from LDAP.

> anything betweed server & client, the client ask the LDAP server to hash 
> the password the user gave. This would work if the LDAP hash system 

A client might simply fetch the stored hash from LDAP without using
any password? :-)
May be I misunderstand your plans.

> wasn't adding random salt.

Take care,
Rune
Received on 2007-03-09 12:32:56